diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2012-10-14 13:39:34 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2012-10-14 13:39:34 -0700 |
| commit | cacabe4c2b2a2f49562505b2a8e76ef6fe14e44b (patch) | |
| tree | 2da1f94be7c5b4f289f9fbda49d4c44f4dc85b03 /crypto/asymmetric_keys/Kconfig | |
| parent | f614adad2e7749e37b3cc7cdecab71602f04534f (diff) | |
| parent | f1b6883a1e29f85809431bebe43a63f2fd46e7bb (diff) | |
| download | linux-crypto-cacabe4c2b2a2f49562505b2a8e76ef6fe14e44b.tar.gz linux-crypto-cacabe4c2b2a2f49562505b2a8e76ef6fe14e44b.zip | |
Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux
Pull module signing support from Rusty Russell:
"module signing is the highlight, but it's an all-over David Howells frenzy..."
Hmm "Magrathea: Glacier signing key". Somebody has been reading too much HHGTTG.
* 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux: (37 commits)
X.509: Fix indefinite length element skip error handling
X.509: Convert some printk calls to pr_devel
asymmetric keys: fix printk format warning
MODSIGN: Fix 32-bit overflow in X.509 certificate validity date checking
MODSIGN: Make mrproper should remove generated files.
MODSIGN: Use utf8 strings in signer's name in autogenerated X.509 certs
MODSIGN: Use the same digest for the autogen key sig as for the module sig
MODSIGN: Sign modules during the build process
MODSIGN: Provide a script for generating a key ID from an X.509 cert
MODSIGN: Implement module signature checking
MODSIGN: Provide module signing public keys to the kernel
MODSIGN: Automatically generate module signing keys if missing
MODSIGN: Provide Kconfig options
MODSIGN: Provide gitignore and make clean rules for extra files
MODSIGN: Add FIPS policy
module: signature checking hook
X.509: Add a crypto key parser for binary (DER) X.509 certificates
MPILIB: Provide a function to read raw data into an MPI
X.509: Add an ASN.1 decoder
X.509: Add simple ASN.1 grammar compiler
...
Diffstat (limited to '')
| -rw-r--r-- | crypto/asymmetric_keys/Kconfig | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/crypto/asymmetric_keys/Kconfig b/crypto/asymmetric_keys/Kconfig new file mode 100644 index 00000000..6d2c2ea1 --- /dev/null +++ b/crypto/asymmetric_keys/Kconfig @@ -0,0 +1,38 @@ +menuconfig ASYMMETRIC_KEY_TYPE + tristate "Asymmetric (public-key cryptographic) key type" + depends on KEYS + help + This option provides support for a key type that holds the data for + the asymmetric keys used for public key cryptographic operations such + as encryption, decryption, signature generation and signature + verification. + +if ASYMMETRIC_KEY_TYPE + +config ASYMMETRIC_PUBLIC_KEY_SUBTYPE + tristate "Asymmetric public-key crypto algorithm subtype" + select MPILIB + help + This option provides support for asymmetric public key type handling. + If signature generation and/or verification are to be used, + appropriate hash algorithms (such as SHA-1) must be available. + ENOPKG will be reported if the requisite algorithm is unavailable. + +config PUBLIC_KEY_ALGO_RSA + tristate "RSA public-key algorithm" + depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE + select MPILIB_EXTRA + help + This option enables support for the RSA algorithm (PKCS#1, RFC3447). + +config X509_CERTIFICATE_PARSER + tristate "X.509 certificate parser" + depends on ASYMMETRIC_PUBLIC_KEY_SUBTYPE + select ASN1 + select OID_REGISTRY + help + This option procides support for parsing X.509 format blobs for key + data and provides the ability to instantiate a crypto key from a + public key packet found inside the certificate. + +endif # ASYMMETRIC_KEY_TYPE |